RE: iptables starts blocking outbound http traffic

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Filipe:

Thanks for the information.

If I do:
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
on each of my servers, they all report 65536 which
seems like a pretty high limit.

If I do:
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count
on each of my servers, the highest number is just over
1100.

If this is the source of the problem, how would restarting 
httpd and tomcat help?  I did not restart the machine nor 
reset iptables.

I am not asking this to be argumentative, just trying to
understand how the facts I am seeing are related.

Thanks,
	Neil

--
Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com
Eliminate junk email and reclaim your inbox.
Visit http://www.spammilter.com for details.  

> If you're using ESTABLISHED, it depends on ip_conntrack being able to
> track the connections. ip_conntrack keeps a table of all connections,
> but this table is limited in size, so it may be overflowing.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux